diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 5e5f508b6b..ebd676b17a 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -3123,7 +3123,7 @@ function parse_cfg_file($filename, $lines = false)
 		}
 
 		// Determine first occurrence, since in values the equal sign is allowed
-		$key = strtolower(trim(substr($line, 0, $delim_pos)));
+		$key = htmlspecialchars(strtolower(trim(substr($line, 0, $delim_pos))));
 		$value = trim(substr($line, $delim_pos + 1));
 
 		if (in_array($value, array('off', 'false', '0')))
@@ -3140,7 +3140,11 @@ function parse_cfg_file($filename, $lines = false)
 		}
 		else if (($value[0] == "'" && $value[sizeof($value) - 1] == "'") || ($value[0] == '"' && $value[sizeof($value) - 1] == '"'))
 		{
-			$value = substr($value, 1, sizeof($value)-2);
+			$value = htmlspecialchars(substr($value, 1, sizeof($value)-2));
+		}
+		else
+		{
+			$value = htmlspecialchars($value);
 		}
 
 		$parsed_items[$key] = $value;
diff --git a/phpBB/styles/prosilver/style.cfg b/phpBB/styles/prosilver/style.cfg
index 50755cdbe5..f4f67635dd 100644
--- a/phpBB/styles/prosilver/style.cfg
+++ b/phpBB/styles/prosilver/style.cfg
@@ -17,7 +17,7 @@
 
 # General Information about this style
 name = prosilver
-copyright = &copy; phpBB Group, 2007
+copyright = © phpBB Group, 2007
 style_version = 3.1.0-a3
 phpbb_version = 3.1.0-a3
 
diff --git a/phpBB/styles/subsilver2/style.cfg b/phpBB/styles/subsilver2/style.cfg
index 19441b43ba..9ca6077dfa 100644
--- a/phpBB/styles/subsilver2/style.cfg
+++ b/phpBB/styles/subsilver2/style.cfg
@@ -17,7 +17,7 @@
 
 # General Information about this style
 name = subsilver2
-copyright = &copy; 2005 phpBB Group
+copyright = © 2005 phpBB Group
 style_version = 3.1.0-a3
 phpbb_version = 3.1.0-a3
 
diff --git a/tests/functions/parse_cfg_file_test.php b/tests/functions/parse_cfg_file_test.php
new file mode 100644
index 0000000000..69000ddf72
--- /dev/null
+++ b/tests/functions/parse_cfg_file_test.php
@@ -0,0 +1,103 @@
+<?php
+/**
+*
+* @package testing
+* @copyright (c) 2014 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
+
+class phpbb_functions_parse_cfg_file extends phpbb_test_case
+{
+	public function parse_cfg_file_data()
+	{
+		return array(
+			array(
+				array(
+					'#',
+					'# phpBB Style Configuration File',
+					'#',
+					'# @package phpBB3',
+					'# @copyright (c) 2005 phpBB Group',
+					'# @license http://opensource.org/licenses/gpl-license.php GNU Public License',
+					'#',
+					'#',
+					'# At the left is the name, please do not change this',
+					'# At the right the value is entered',
+					'# For on/off options the valid values are on, off, 1, 0, true and false',
+					'#',
+					'# Values get trimmed, if you want to add a space in front or at the end of',
+					'# the value, then enclose the value with single or double quotes.',
+					'# Single and double quotes do not need to be escaped.',
+					'#',
+					'',
+					'# General Information about this style',
+					'name = prosilver',
+					'copyright = © phpBB Group, 2007',
+					'version = 3.0.12',
+				),
+				array(
+					'name'		=> 'prosilver',
+					'copyright'	=> '© phpBB Group, 2007',
+					'version'	=> '3.0.12',
+				),
+			),
+			array(
+				array(
+					'name = subsilver2',
+					'copyright = © 2005 phpBB Group',
+					'version = 3.0.12',
+				),
+				array(
+					'name'		=> 'subsilver2',
+					'copyright'	=> '© 2005 phpBB Group',
+					'version'	=> '3.0.12',
+				),
+			),
+			array(
+				array(
+					'foo = on',
+					'foo1 = true',
+					'foo2 = 1',
+					'bar = off',
+					'bar1 = false',
+					'bar2 = 0',
+					'foobar =',
+					'foobar1 = "asdf"',
+					'foobar2 = \'qwer\'',
+				),
+				array(
+					'foo'		=> true,
+					'foo1'		=> true,
+					'foo2'		=> true,
+					'bar'		=> false,
+					'bar1'		=> false,
+					'bar2'		=> false,
+					'foobar'	=> '',
+					'foobar1'	=> 'asdf',
+					'foobar2'	=> 'qwer',
+				),
+			),
+			array(
+				array(
+					'foo = &amp; bar',
+					'bar = <a href="test">Test</a>',
+				),
+				array(
+					'foo'		=> '&amp;amp; bar',
+					'bar'		=> '&lt;a href=&quot;test&quot;&gt;Test&lt;/a&gt;',
+				),
+			),
+		);
+	}
+
+	/**
+	* @dataProvider parse_cfg_file_data
+	*/
+	public function test_parse_cfg_file($file_contents, $expected)
+	{
+		$this->assertEquals($expected, parse_cfg_file(false, $file_contents));
+	}
+}